Beginning February 2010, any user whose account has been compromised will be notified by phone, blocked from their e-mail and Internet use, and required to do the following before their account is reinstated:
- Allow ITS to verify that their work-provided systems are clean and up-to-date. This includes anti-virus, anti-spyware, and all critical security patches.
- Acknowledge that their personal computer systems which connect to USD are also clean, patched, and up-to-date.
- Reread the USD Policy on Responsible Use Computing (and be directed to the ITS Security web site).
- Schedule a time with the ITS Help Desk to receive additional information on anti-phishing and computer security. They will give you a presentation and information on how accounts are compromised and how to protect your computer; the whole process (with a quick quiz at the end) takes about 45 minutes.
- Sign an acknowledgment that they have read the materials, and have had the opportunity to ask questions about safe computing.
How Does an Account Get Compromised?
In many instances, an account holder was victimized by unscrupulous individuals who had sent phishing e-mail appeals enticing them to provide their USD username, password, and social security number. It is also possible the password was stolen through a virus on their computer. In some instances, an account holder uses the same username and password at multiple websites, increasing their chances of an account being hacked.
Why Does a Compromised Account Matter?
USD has seen a number of e-mail phishing attacks that are a direct result of compromised e-mail accounts. Unfortunately, in all cases individuals have been enticed into surrendering their usernames, passwords and, in some cases, their social security numbers. Recent incidents have prompted ITS to take additional measures to ensure our users are informed and protected. The following video summarizes the ways to you can protect yourself from phishing scams:
Compromised accounts affect the entire university community since they frequently result in Internet Service Providers rejecting all e-mail from USD. Once an institution is “blacklisted,” it can take days to be unblocked. In a recent case where a user’s account login was compromised and used for spamming, Hotmail, Yahoo, Cox Communications, AT&T, Google, Time Warner Road Runner, AOL, and other universities blocked all e-mail coming from sandiego.edu because of the high volume of spam coming from just one compromised account.
On the technology front, ITS has taken strong measures to improve e-mail delivery and security. On a typical work day, USD receives 450,000 inbound e-mail messages; approximately 43 percent of those are identified as junk e-mail and blocked with spam filtering devices. In addition, every computer at USD is required to have SafeConnect, to update critical Operating System patches, and to have up-to-date anti-virus applications before connecting to USD's network; virus and spam filtering on USD’s e-mail servers ensure that minimal spam makes it through to you. Still, it takes only one compromised USD account that is taken over for spamming purposes to get the University blacklisted. In order to minimize this problem, ITS needs your help. We ask that you:
- Never share your passwords or social security number with anyone, under any circumstance.
- Never reply to suspect e-mails or click links that may be inside a suspect e-mail message.
- Always create strong passwords (view password tips).
ITS is continually updating security awareness materials. For more information about cyber-security, please visit our site at: http://www.sandiego.edu/its/security/
USD’s Symantec anti-virus site license agreement allows and extends full use of anti-virus programs for home use to all USD faculty, staff and students for the protection and scanning of their home systems. These can also be downloaded at the security link above.